We have a "mandate" that no insecure FTP servers be run. I know we could restrict access to the insecure FTP server to just CMS users - but I also have to certify annually that all FTP servers are S-FTP (and getting exceptions to mandates with this organization is "very hard to do"). :) FWIW, I'm more concerned with CMS users being able to S-FTP outbound to remote servers (be they z/VM, Linux, Winblows or anything else for that matter). -Mike
-----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Huegel, Thomas Sent: Wednesday, August 08, 2007 10:10 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Secure FTP On z/VM 5.3 Just a crazy question, by 'local z/VM FTPSERV' are you refering to another z/VM on the same mainframe? If so why would you ever want to do that? I may have to do this too, but never considered the local senerio. -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] Behalf Of Michael Coffin Sent: Wednesday, August 08, 2007 9:04 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Secure FTP On z/VM 5.3 Thanks Miguel. This will provide the ability to do S-FTP INBOUND to z/VM's FTPSERVE from the looks of it, but will CMS users be able to S-FTP OUTBOUND to other S-FTP servers (local z/VM FTPSERVE or on remote systems)? -Mike -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Miguel Delapaz Sent: Wednesday, August 08, 2007 9:55 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Secure FTP On z/VM 5.3 Mike, Secure FTP was possible prior to z/VM 5.3. You had to specify SECURE on the PORT statement for the FTP server and the client had to initiate a secure connection to the port. In z/VM 5.3 we've added the ability for the client and server to negotiate security options based on RFC 4217 (Securing FTP with TLS). Configuration of the FTP server to support TLS is discussed in TCP/IP Planning and Customization, Chapter 8. Configuring the FTP Server (specifically Step 6: Configure Secure FTP Connections). Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System <IBMVM@LISTSERV.UARK.EDU> wrote on 08/08/2007 06:35:34 AM: > Hi Folks, > > I thought that with the introduction of SSL on z/VM 5.3 we'd be able > to do secure FTP in/out of VM. I'm in the process of installing and > configuring z/VM 5.3 second level right now (and getting the > required Linux guest set up for SSL support) - but I don't see > anything which suggests secure FTP is supported. > > Is secure FTP possible with z/VM 5.3's TCPIP (inbound, outbound, or > both)? If it is, can someone point me to the doc discussing this > (I've read all of the z/VM 5.3 TCPIP manuals and the Program > Directory, and I just don't see this .......)? > > -TIA > > -Mike _____ << ella for Spam Control >> has removed 12499 VSE-List messages and set aside 11373 VM-List for me You can use it too - and it's FREE! www.ellaforspam.com
